diff options
author | Nicolas Iooss | 2023-06-16 18:35:31 +0200 |
---|---|---|
committer | Nicolas Iooss | 2023-06-16 18:35:31 +0200 |
commit | 0b3f53e5cf3d9a77f060a965557dcdb12a4e7e91 (patch) | |
tree | 1e5d267d1696cae3cd05da31d522dda70d470d85 | |
parent | 5808976b7b49a28dae6d1c2a800456bd95c10148 (diff) | |
download | aur-0b3f53e5cf3d9a77f060a965557dcdb12a4e7e91.tar.gz |
util-linux-selinux 2.39-9 update
-rw-r--r-- | .SRCINFO | 23 | ||||
-rw-r--r-- | .gitignore | 1 | ||||
-rw-r--r-- | 0001-libmount-don-t-call-hooks-after-mount-type-helper.patch | 82 | ||||
-rw-r--r-- | 0002-libmount-check-for-availability-of-mount-setattr.patch | 98 | ||||
-rw-r--r-- | PKGBUILD | 95 |
5 files changed, 67 insertions, 232 deletions
@@ -1,23 +1,24 @@ pkgbase = util-linux-selinux pkgdesc = SELinux aware miscellaneous system utilities for Linux pkgver = 2.39 - pkgrel = 4 - url = https://github.com/karelzak/util-linux + pkgrel = 9 + url = https://github.com/util-linux/util-linux arch = x86_64 arch = aarch64 groups = selinux license = GPL2 + makedepends = git + makedepends = meson makedepends = asciidoctor + makedepends = bash-completion makedepends = libcap-ng + makedepends = libutempter makedepends = libxcrypt makedepends = python makedepends = systemd makedepends = libselinux options = strip - source = https://www.kernel.org/pub/linux/utils/util-linux/v2.39/util-linux-2.39.tar.xz - source = https://www.kernel.org/pub/linux/utils/util-linux/v2.39/util-linux-2.39.tar.sign - source = 0001-libmount-don-t-call-hooks-after-mount-type-helper.patch - source = 0002-libmount-check-for-availability-of-mount-setattr.patch + source = git+https://github.com/karelzak/util-linux#tag=8d7cca1a88bb347d7a0b5c32d2d2b1e8d71cafcc?signed source = pam-login source = pam-common source = pam-runuser @@ -27,10 +28,7 @@ pkgbase = util-linux-selinux source = rfkill-unblock_.service source = rfkill-block_.service validpgpkeys = B0C64D14301CC6EFAEDF60E4E4B71D5EEC39C284 - sha256sums = 32b30a336cda903182ed61feb3e9b908b762a5e66fe14e43efb88d37162075cb sha256sums = SKIP - sha256sums = e7c6a0375ca1bd4606f7a42882f20b8e3ce7c7107c790694e55699376377c0e1 - sha256sums = 6266b8733450af97bcf0f31fa9b21bad171b53b7b49a2954812c39ea70552cb5 sha256sums = 99cd77f21ee44a0c5e57b0f3670f711a00496f198fc5704d7e44f5d817c81a0f sha256sums = 57e057758944f4557762c6def939410c04ca5803cbdd2bfa2153ce47ffe7a4af sha256sums = 48d6fba767631e3dd3620cf02a71a74c5d65a525d4c4ce4b5a0b7d9f41ebfea1 @@ -48,6 +46,7 @@ pkgname = util-linux-selinux depends = libsystemd.so depends = libudev.so depends = libcap-ng + depends = libutempter depends = libxcrypt depends = libcrypt.so depends = util-linux-libs-selinux @@ -57,8 +56,8 @@ pkgname = util-linux-selinux optdepends = words: default dictionary for look provides = rfkill provides = hardlink - provides = util-linux=2.39-4 - provides = selinux-util-linux=2.39-4 + provides = util-linux=2.39-9 + provides = selinux-util-linux=2.39-9 conflicts = rfkill conflicts = hardlink conflicts = util-linux @@ -81,7 +80,7 @@ pkgname = util-linux-libs-selinux provides = libmount.so provides = libsmartcols.so provides = libuuid.so - provides = util-linux-libs=2.39-4 + provides = util-linux-libs=2.39-9 provides = libutil-linux-selinux conflicts = util-linux-libs conflicts = libutil-linux-selinux diff --git a/.gitignore b/.gitignore new file mode 100644 index 000000000000..d9dbb1e12191 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +/util-linux/ diff --git a/0001-libmount-don-t-call-hooks-after-mount-type-helper.patch b/0001-libmount-don-t-call-hooks-after-mount-type-helper.patch deleted file mode 100644 index 3a4f7a9c0fb9..000000000000 --- a/0001-libmount-don-t-call-hooks-after-mount-type-helper.patch +++ /dev/null @@ -1,82 +0,0 @@ -From f94a7760ed7ce81389a6059f020238981627a70d Mon Sep 17 00:00:00 2001 -From: Karel Zak <kzak@redhat.com> -Date: Thu, 25 May 2023 11:48:24 +0200 -Subject: [PATCH] libmount: don't call hooks after mount.<type> helper - -In case more filesystems are specified (or when libmount follows -/{etc,proc}/filesystems) then the library may try to use and -initialize the new API because for some filesystems, we need -exec(/sbin/mount.<type>) and for another fsopen(). - -The hooks that use the API have to smart and detect that the mount -operation was done in external /sbin/mount.<type> helper. And in this -case, the new API file descriptors must be ignored. - -The exception is propagation flags, mount(8) can set the flags after -exec(/sbin/mount.<type>), for example, "mount -t ntfs --make-private". - -Fixes: https://github.com/util-linux/util-linux/issues/2267 -Signed-off-by: Karel Zak <kzak@redhat.com> ---- - libmount/src/context_mount.c | 2 ++ - libmount/src/hook_mount.c | 13 +++++++++++++ - 2 files changed, 15 insertions(+) - -diff --git a/libmount/src/context_mount.c b/libmount/src/context_mount.c -index cbb4f1fdfa..40f9ed0733 100644 ---- a/libmount/src/context_mount.c -+++ b/libmount/src/context_mount.c -@@ -508,6 +508,8 @@ static int do_mount(struct libmnt_context *cxt, const char *try_type) - assert(cxt->fs); - assert((cxt->flags & MNT_FL_MOUNTFLAGS_MERGED)); - -+ mnt_context_reset_status(cxt); -+ - if (try_type) { - rc = mnt_context_prepare_helper(cxt, "mount", try_type); - if (rc) -diff --git a/libmount/src/hook_mount.c b/libmount/src/hook_mount.c -index 924c714448..91483afa68 100644 ---- a/libmount/src/hook_mount.c -+++ b/libmount/src/hook_mount.c -@@ -239,6 +239,10 @@ static int hook_create_mount(struct libmnt_context *cxt, - int rc = 0; - - assert(cxt); -+ -+ if (mnt_context_helper_executed(cxt)) -+ return 0; -+ - assert(cxt->fs); - - api = get_sysapi(cxt); -@@ -309,6 +313,9 @@ static int hook_reconfigure_mount(struct libmnt_context *cxt, - - assert(cxt); - -+ if (mnt_context_helper_executed(cxt)) -+ return 0; -+ - api = get_sysapi(cxt); - assert(api); - assert(api->fd_tree >= 0); -@@ -379,6 +386,9 @@ static int hook_set_vfsflags(struct libmnt_context *cxt, - uint64_t set = 0, clr = 0; - int rc = 0; - -+ if (mnt_context_helper_executed(cxt)) -+ return 0; -+ - DBG(HOOK, ul_debugobj(hs, "setting VFS flags")); - - ol = mnt_context_get_optlist(cxt); -@@ -471,6 +481,9 @@ static int hook_attach_target(struct libmnt_context *cxt, - const char *target; - int rc = 0; - -+ if (mnt_context_helper_executed(cxt)) -+ return 0; -+ - target = mnt_fs_get_target(cxt->fs); - if (!target) - return -EINVAL; diff --git a/0002-libmount-check-for-availability-of-mount-setattr.patch b/0002-libmount-check-for-availability-of-mount-setattr.patch deleted file mode 100644 index 10a6f41105ee..000000000000 --- a/0002-libmount-check-for-availability-of-mount-setattr.patch +++ /dev/null @@ -1,98 +0,0 @@ -commit 1bd85b64632280d6bf0e86b4ff29da8b19321c5f -Author: Thomas Weißschuh <thomas@t-8ch.de> -Date: Sat May 20 06:38:20 2023 +0200 - - libmount: check for availability of mount_setattr - - If mount_setattr is not available but needed fall back to the legacy - mount API. - - Fixes #2247 - - Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de> - -diff --git a/libmount/src/hook_mount.c b/libmount/src/hook_mount.c -index a324637cb..01de9e1c5 100644 ---- a/libmount/src/hook_mount.c -+++ b/libmount/src/hook_mount.c -@@ -510,6 +510,15 @@ static inline int fsopen_is_supported(void) - return rc; - } - -+static inline int mount_setattr_is_supported(void) -+{ -+ int rc; -+ -+ errno = 0; -+ rc = mount_setattr(-1, NULL, 0, NULL, 0); -+ return !(rc == -1 && errno == ENOSYS); -+} -+ - /* - * open_tree() and fsopen() - */ -@@ -675,9 +684,14 @@ static int hook_prepare(struct libmnt_context *cxt, - /* call mount_setattr() */ - if (!rc - && cxt->helper == NULL -- && (set != 0 || clr != 0 || (flags & MS_REMOUNT))) -+ && (set != 0 || clr != 0 || (flags & MS_REMOUNT))) { -+ if (!mount_setattr_is_supported()) { -+ hookset_deinit(cxt, hs); -+ return 1; -+ } - rc = mnt_context_append_hook(cxt, hs, MNT_STAGE_MOUNT, NULL, - hook_set_vfsflags); -+ } - - /* call move_mount() to attach target */ - if (!rc -@@ -688,9 +702,14 @@ static int hook_prepare(struct libmnt_context *cxt, - hook_attach_target); - - /* set propagation (has to be attached to VFS) */ -- if (!rc && mnt_optlist_get_propagation(ol)) -+ if (!rc && mnt_optlist_get_propagation(ol)) { -+ if (!mount_setattr_is_supported()) { -+ hookset_deinit(cxt, hs); -+ return 1; -+ } - rc = mnt_context_append_hook(cxt, hs, MNT_STAGE_MOUNT_POST, NULL, - hook_set_propagation); -+ } - - DBG(HOOK, ul_debugobj(hs, "prepare mount done [rc=%d]", rc)); - return rc; -diff --git a/tests/expected/mount/fallback-mount_setattr b/tests/expected/mount/fallback-mount_setattr -new file mode 100644 -index 000000000..3e18ebf09 ---- /dev/null -+++ b/tests/expected/mount/fallback-mount_setattr -@@ -0,0 +1 @@ -+private -diff --git a/tests/ts/mount/fallback b/tests/ts/mount/fallback -index 6033eb575..b225be189 100755 ---- a/tests/ts/mount/fallback -+++ b/tests/ts/mount/fallback -@@ -68,5 +68,21 @@ $TS_CMD_UMOUNT $MOUNTPOINT - ts_finalize_subtest - - -+ts_init_subtest "mount_setattr" -+"$TS_CMD_MOUNT" "$DEVICE" "$MOUNTPOINT" >> $TS_OUTPUT 2>> $TS_ERRLOG -+ts_is_mounted $DEVICE || ts_log "Cannot find $DEVICE in /proc/mounts" -+$TS_CMD_ENOSYS -s mount_setattr -- \ -+ "$TS_CMD_MOUNT" -o remount,ro "$MOUNTPOINT" \ -+ >> $TS_OUTPUT 2>> $TS_ERRLOG -+$TS_CMD_FINDMNT --kernel --mountpoint "$MOUNTPOINT" --options "ro" &> /dev/null -+[ "$?" == "0" ] || ts_die "Cannot find read-only in $MOUNTPOINT in /proc/self/mountinfo" -+$TS_CMD_ENOSYS -s mount_setattr -- \ -+ "$TS_CMD_MOUNT" --make-slave "$MOUNTPOINT" \ -+ >> $TS_OUTPUT 2>> $TS_ERRLOG -+$TS_CMD_FINDMNT -n --kernel --mountpoint "$MOUNTPOINT" -o PROPAGATION >> $TS_OUTPUT -+$TS_CMD_UMOUNT $MOUNTPOINT -+ts_finalize_subtest -+ -+ - ts_finalize - @@ -10,12 +10,12 @@ pkgbase=util-linux-selinux pkgname=(util-linux-selinux util-linux-libs-selinux) -_pkgmajor=2.39 -_realver=${_pkgmajor} -pkgver=${_realver/-/} -pkgrel=4 +_tag='8d7cca1a88bb347d7a0b5c32d2d2b1e8d71cafcc' # git rev-parse v${_tag_name} +_tag_name=2.39 +pkgver=${_tag_name/-/} +pkgrel=9 pkgdesc='SELinux aware miscellaneous system utilities for Linux' -url='https://github.com/karelzak/util-linux' +url='https://github.com/util-linux/util-linux' arch=('x86_64' 'aarch64') groups=('selinux') # SELinux package maintenance note: @@ -23,22 +23,18 @@ groups=('selinux') # systemd depends on libutil-linux and util-linux depends on libudev # provided by libsystemd (FS#39767). To break this cycle, make # util-linux-selinux depend on systemd at build time. -makedepends=('asciidoctor' 'libcap-ng' 'libxcrypt' 'python' 'systemd' 'libselinux') +makedepends=('git' 'meson' 'asciidoctor' 'bash-completion' 'libcap-ng' + 'libutempter' 'libxcrypt' 'python' 'systemd' 'libselinux') license=('GPL2') options=('strip') validpgpkeys=('B0C64D14301CC6EFAEDF60E4E4B71D5EEC39C284') # Karel Zak -source=("https://www.kernel.org/pub/linux/utils/util-linux/v${_pkgmajor}/${pkgbase/-selinux}-${_realver}.tar."{xz,sign} - '0001-libmount-don-t-call-hooks-after-mount-type-helper.patch' - '0002-libmount-check-for-availability-of-mount-setattr.patch' +source=("git+https://github.com/karelzak/util-linux#tag=${_tag}?signed" pam-{login,common,runuser,su} 'util-linux.sysusers' '60-rfkill.rules' 'rfkill-unblock_.service' 'rfkill-block_.service') -sha256sums=('32b30a336cda903182ed61feb3e9b908b762a5e66fe14e43efb88d37162075cb' - 'SKIP' - 'e7c6a0375ca1bd4606f7a42882f20b8e3ce7c7107c790694e55699376377c0e1' - '6266b8733450af97bcf0f31fa9b21bad171b53b7b49a2954812c39ea70552cb5' +sha256sums=('SKIP' '99cd77f21ee44a0c5e57b0f3670f711a00496f198fc5704d7e44f5d817c81a0f' '57e057758944f4557762c6def939410c04ca5803cbdd2bfa2153ce47ffe7a4af' '48d6fba767631e3dd3620cf02a71a74c5d65a525d4c4ce4b5a0b7d9f41ebfea1' @@ -48,33 +44,53 @@ sha256sums=('32b30a336cda903182ed61feb3e9b908b762a5e66fe14e43efb88d37162075cb' '8ccec10a22523f6b9d55e0d6cbf91905a39881446710aa083e935e8073323376' 'a22e0a037e702170c7d88460cc9c9c2ab1d3e5c54a6985cd4a164ea7beff1b36') -prepare() { - cd "${pkgbase/-selinux}-${_realver}" +_backports=( + # current stable/v2.39 + "${_tag}..205e88e51c11d039cd80c9f1104bee5555a4ddaa" +) + +_reverts=( +) - patch -Np1 < ../0001-libmount-don-t-call-hooks-after-mount-type-helper.patch - patch -Np1 < ../0002-libmount-check-for-availability-of-mount-setattr.patch +prepare() { + cd "${pkgbase/-selinux}" + + local _c + for _c in "${_backports[@]}"; do + if [[ $_c == *..* ]]; then + git log --oneline --reverse "${_c}" + else + git log --oneline -1 "${_c}" + fi + git cherry-pick -n -m1 "${_c}" + done + for _c in "${_reverts[@]}"; do + git log --oneline -1 "${_c}" + git revert -n "${_c}" + done } build() { - cd "${pkgbase/-selinux}-${_realver}" - - ./configure \ - --prefix=/usr \ - --libdir=/usr/lib \ - --bindir=/usr/bin \ - --sbindir=/usr/bin \ - --localstatedir=/var \ - --enable-usrdir-path \ - --enable-fs-paths-default=/usr/bin:/usr/local/bin \ - --enable-vipw \ - --enable-newgrp \ - --enable-chfn-chsh \ - --enable-write \ - --enable-mesg \ - --with-selinux \ - --with-python=3 - - make + local _meson_options=( + -Dfs-search-path=/usr/bin:/usr/local/bin + + -Dlibuser=disabled + -Dncurses=disabled + -Dncursesw=enabled + -Deconf=disabled + -Dselinux=enabled + + -Dbuild-chfn-chsh=enabled + -Dbuild-line=disabled + -Dbuild-mesg=enabled + -Dbuild-newgrp=enabled + -Dbuild-vipw=enabled + -Dbuild-write=enabled + ) + + arch-meson "${pkgbase/-selinux}" build "${_meson_options[@]}" + + meson compile -C build } package_util-linux-selinux() { @@ -83,9 +99,8 @@ package_util-linux-selinux() { provides=('rfkill' 'hardlink' "${pkgname/-selinux}=${pkgver}-${pkgrel}" "selinux-${pkgname/-selinux}=${pkgver}-${pkgrel}") - depends=('pam-selinux' 'shadow-selinux' 'coreutils-selinux' - 'systemd-libs' 'libsystemd.so' 'libudev.so' - 'libcap-ng' 'libxcrypt' 'libcrypt.so' 'util-linux-libs-selinux' + depends=('pam-selinux' 'shadow-selinux' 'coreutils-selinux' 'systemd-libs' 'libsystemd.so' + 'libudev.so' 'libcap-ng' 'libutempter' 'libxcrypt' 'libcrypt.so' 'util-linux-libs-selinux' 'libmagic.so' 'libncursesw.so') optdepends=('python: python bindings to libmount' 'words: default dictionary for look') @@ -99,7 +114,7 @@ package_util-linux-selinux() { _python_stdlib="$(python -c 'import sysconfig; print(sysconfig.get_paths()["stdlib"])')" - make -C "${pkgbase/-selinux}-${_realver}" DESTDIR="${pkgdir}" usrsbin_execdir=/usr/bin install + DESTDIR="${pkgdir}" meson install -C build # remove static libraries rm "${pkgdir}"/usr/lib/lib*.a* |